<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Overall Security Posture Rating and Core Risks</title>
    <script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
    <style>
        :root {
            --primary: #2E95F8;
            --danger: #FF4D4F;
            --warning: #FAAD14;
            --success: #52C41A;
        }

        * {
            padding: 0;
            margin: 0;
            box-sizing: border-box;
            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
        }

        body {
            background: #060606;
            color: #E9EAEC;
            line-height: 1.6;
        }

        .row {
            display: flex;
            gap: 24px;
            margin-bottom: 24px;
        }

        .col {
            flex: 1;
        }

        .page {
            max-width: 1400px;
            margin: 24px auto;
            padding: 0 16px;
        }

        .header {
            margin-bottom: 24px;
            padding: 24px;
            background-color: #09162F;
            border-radius: 4px;
            border-left: 4px solid #129BFF;
        }

        .header h1 {
            color: #129BFF;
            margin-bottom: 12px;
        }

        .card {
            border-radius: 4px;
            padding: 20px;
            border: 1px solid #1B64AA;
            background: rgba(8, 26, 48, 0.8);
            height: 100%;
        }

        .card-title {
            margin-bottom: 16px;
            font-size: 18px;
            color: #129BFF;
            border-bottom: 1px solid #1B64AA;
            padding-bottom: 8px;
        }

        .overview {
            display: flex;
            gap: 24px;
        }

        .overview-item {
            flex: 1;
            text-align: center;
            padding: 12px;
            background: rgba(18, 155, 255, 0.1);
            border-radius: 4px;
        }

        .overview-item .label {
            font-size: 14px;
            color: #8EB8E5;
        }

        .overview-item .value {
            font-size: 24px;
            font-weight: bold;
            margin-top: 8px;
        }

        table {
            width: 100%;
            border-collapse: collapse;
            margin: 16px 0;
        }

        th,
        td {
            padding: 12px 16px;
            text-align: left;
            border-bottom: 1px solid #1B64AA;
        }

        th {
            background-color: rgba(18, 155, 255, 0.2);
            color: #8EB8E5;
            font-weight: 500;
        }

        tr:hover {
            background-color: rgba(18, 155, 255, 0.05);
        }

        .danger {
            color: var(--danger);
        }

        .warning {
            color: var(--warning);
        }

        .success {
            color: var(--success);
        }

        .chart-container {
            position: relative;
            height: 300px;
            width: 100%;
        }

        .analysis {
            background: rgba(18, 155, 255, 0.05);
            padding: 16px;
            border-radius: 4px;
            margin-top: 16px;
            border-left: 3px solid #129BFF;
        }

        .analysis-title {
            font-weight: bold;
            margin-bottom: 8px;
            color: #8EB8E5;
        }

        ol,
        ul {
            padding-left: 24px;
            margin: 12px 0;
        }

        li {
            margin-bottom: 8px;
        }

        @media (max-width: 768px) {
            .row {
                flex-direction: column;
            }

            .overview {
                flex-direction: column;
            }
        }
    </style>
</head>

<body>
    <div class="page">
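        <!-- Header -->
        <div class="header">
            <h1>Overall Security Posture Rating and Core Risks</h1>
            <div>
                <p><strong>Overall security posture rating</strong>: <span class="danger">High risk</span> (based on the growth rate of risk hits over the next three days reaching 63.83% and privilege escalation attacks accounting for 72.5%)</p>
                <p><strong>Core risks</strong>:</p>
                <ol>
                    <li>Concentrated burst of privilege escalation attacks (1714 hits) on the CentOS 8.2.2004 system (asset ID: lin:13f577...)</li>
                    <li>Abnormal baseline alerts (156) on the Windows 10 host (DESKTOP-VJ1VQ8T)</li>
                    <li>Risk hits over the next three days show exponential growth (77.8% growth from May 14 to May 16)</li>
                </ol>
                <p><strong>Trend evolution</strong>:</p>
                <ul>
                    <li><strong>Short-term trend</strong>: Risk hits on 2025-05-16 (4294) grew 77.8% compared with 2025-05-14 (2432); attack intensity continues to increase</li>
                    <li><strong>Attack type evolution</strong>: The share of privilege escalation attacks (T1548) rose from 72.5% (status report) to 89.3% (trend report) between 2025-05-14 and 2025-05-16; the attack pattern is highly concentrated
                    </li>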
                </ul>
            </div>
        </div>

        <div class="main">
            <!-- Overview data -->
            <div class="row">
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">Security Overview</h2>
                        <div class="overview">
                            <div class="overview-item">
                                <div class="label">Total alerts</div>
                                <div class="value">4,455</div>
                            </div>
                            <div class="overview-item">
                                <div class="label">High-threat attacks</div>
                                <div class="value danger">1,582</div>
                            </div>
                            <div class="overview-item">
                                <div class="label">Privilege escalation attacks</div>
                                <div class="value danger">1,714</div>
                            </div>
                            <div class="overview-item">
                                <div class="label">Daily growth rate</div>
                                <div class="value danger">63.83%</div>
                            </div>
                        </div>
                    </div>
                </div>
            </div>

            <!-- Risk distribution and attack types -->
            <div class="row">
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">Asset Risk Distribution Analysis</h2>
                        <table>
                            <thead>
                                <tr>
                                    <th>Host name</th>
                                    <th>IP address</th>
                                    <th>Operating system</th>
                                    <th>Alert count</th>
                                    <th>Baseline alert count</th>
                                    <th>High-threat attack count</th>
                                </tr>
                            </thead>
                            <tbody>
                                <tr>
                                    <td>k8s-master1</td>
                                    <td>10.254.178.168</td>
                                    <td>CentOS 8.2.2004</td>
                                    <td>4455</td>
                                    <td>0</td>
                                    <td class="danger">1582 (T1548)</td>
                                </tr>
                                <tr>
                                    <td>DESKTOP-VJ1VQ8T</td>
                                    <td>10.250.20.211</td>
                                    <td>Windows 10</td>
                                    <td>0</td>
                                    <td>156</td>
                                    <td>0</td>
                                </tr>
                                <tr>
                                    <td>2-12.novalocal</td>
                                    <td>10.254.177.177</td>
                                    <td>CentOS 7.9.2009</td>
                                    <td>398</td>
                                    <td>0</td>
                                    <td>0</td>
                                </tr>
                                <tr>
                                    <td>agent-4.novalocal</td>
                                    <td>Empty</td>
                                    <td>CentOS 7.9.2009</td>
                                    <td>63</td>
                                    <td>0</td>
                                    <td>0</td>
                                </tr>
                                <tr>
                                    <td>agent-77.novalocal</td>
                                    <td>10.254.176.62</td>
                                    <td>CentOS 7.9.2009</td>
                                    <td>35</td>
                                    <td>0</td>
                                    <td>0</td>
                                </tr>
                            </tbody>
                        </table>
                        <div class="analysis">
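                            <div class="analysis-title">Analysis approach:</div>
                            <ol>
                                <li><strong>Risk concentration</strong>: The alert count of k8s-master1 (CentOS
                                    8.2.2004), at 4455, accounts for 90.7% of total alerts across the top 5 hosts, and its high-threat attack count (1582) accounts for 93.7% of all privilege escalation attacks (1582/1711), indicating that it is the current core attack target.
                                </li>
                                <li><strong>Baseline anomaly</strong>: The baseline alert count of DESKTOP-VJ1VQ8T (Windows
                                    10), at 156, accounts for 100% of baseline alerts across the top 5 hosts, but no high-threat attack event was triggered; its baseline configuration should be checked for any correlation with the attack pattern.</li>
                                <li><strong>Data completeness</strong>: The IP address of agent-4.novalocal is missing, which may affect traceback analysis; its network information should be added to complete the asset profile.</li>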
                            </ol>
                        </div>
                    </div>
                </div>
            </div>

            <!-- Two-column layout -->
            <div class="row">
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">Correlation Analysis of Attack Type and Threat Level</h2>
                        <table>
                            <thead>
                                <tr>
                                    <th>Attack type</th>
                                    <th>Hit count</th>
                                    <th>High-threat share</th>
                                    <th>Risk level (undefined)</th>
                                </tr>
                            </thead>
                            <tbody>
                                <tr>
                                    <td>Privilege escalation (T1548)</td>
                                    <td>1714</td>
                                    <td class="danger">100%</td>
                                    <td>2 (definition needed)</td>
                                </tr>
                                <tr>
                                    <td>Linux scheduled task attack</td>
                                    <td>256</td>
                                    <td>0%</td>
                                    <td>2</td>
                                </tr>
                                <tr>
                                    <td>Suspicious script execution behavior</td>
                                    <td>164</td>
                                    <td>0%</td>
                                    <td>2</td>
                                </tr>
                                <tr>
                                    <td>Persistence attack</td>
                                    <td>129</td>
                                    <td>0%</td>
                                    <td>2</td>
                                </tr>
                                <tr>
                                    <td>Firewall configuration collection</td>
                                    <td>111</td>
                                    <td>0%</td>
                                    <td>2</td>
                                </tr>
                            </tbody>
                        </table>
                        <div class="chart-container">
                            <canvas id="attackTypeChart"></canvas>
                        </div>
                        <div class="analysis">
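                            <div class="analysis-title">Analysis approach:</div>
                            <ul>
                                <li><strong>Threat level consistency</strong>: All privilege escalation attacks (T1548) have a threat level of "High", but their risk level is undefined (currently 2); a quantitative standard for risk levels (such as a 1-5 scale or high/medium/low) needs to be defined to unify assessment.
                                </li>
                                <li><strong>Attack pattern differences</strong>: Linux scheduled task attacks (256 hits) and suspicious script execution behavior (164 hits) did not trigger the high threat level, which may be related to their attack complexity or to insufficient detection rule coverage.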
                                </li>
                            </ul>
                        </div>
                    </div>
                </div>
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">Risk Level Distribution</h2>
                        <div class="chart-container">
                            <canvas id="riskLevelChart"></canvas>
                        </div>
                    </div>
                </div>
            </div>

            <!-- Time series data -->
            <div class="row">
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">Risk Growth Forecast for the Next Three Days</h2>
                        <div class="chart-container">
                            <canvas id="riskGrowthChart"></canvas>
                        </div>
                        <table>
                            <thead>
                                <tr>
                                    <th>Date</th>
                                    <th>Risk hit count</th>
                                    <th>Day-over-day growth rate</th>
                                    <th>Projection logic</th>
                                </tr>
                            </thead>
                            <tbody>
                                <tr>
                                    <td>2025-05-14</td>
                                    <td>2432</td>
                                    <td>-</td>
                                    <td>Historical data baseline</td>
                                </tr>
                                <tr>
                                    <td>2025-05-15</td>
                                    <td>2621</td>
                                    <td>7.77%</td>
                                    <td>(2621-2432)/2432</td>
                                </tr>
                                <tr>
                                    <td>2025-05-16</td>
                                    <td>4294</td>
                                    <td class="danger">63.83%</td>
                                    <td>(4294-2621)/2621</td>
                                </tr>
                                <tr>
                                    <td>2025-05-17</td>
                                    <td>7033</td>
                                    <td class="danger">63.83%</td>
                                    <td>Projected from the 2025-05-16 growth rate</td>
                                </tr>
                                <tr>
                                    <td>2025-05-18</td>
                                    <td>11542</td>
                                    <td class="danger">63.83%</td>
                                    <td>Same as above</td>
                                </tr>
                                <tr>
                                    <td>2025-05-19</td>
                                    <td>18890</td>
                                    <td class="danger">63.83%</td>
                                    <td>Same as above</td>
                                </tr>
                            </tbody>
                        </table>
                        <div class="analysis">
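                            <div class="analysis-title">Analysis approach:</div>
                            <ul>
                                <li><strong>Growth pattern validation</strong>: The 63.83% growth rate on 2025-05-16 differs significantly from the 7.77% growth rate on 2025-05-15; the attack event timeline (such as the 79.43% growth from 2025-05-13 to 2025-05-14) should be taken into account to determine whether this is a short-term attack peak.
                                </li>
                                <li><strong>Risk threshold alert</strong>: If risk hits reach 18890 on 2025-05-19, it is recommended to trigger a system-level alert and start the incident response process.</li>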
                            </ul>
                        </div>
                    </div>
                </div>
            </div>

            <!-- Intrusion timeline -->
            <div class="row">
                <div class="col">
                    <div class="card">
                        <h2 class="card-title">Intrusion Attack Timeline Trend Analysis</h2>
                        <div class="chart-container">
                            <canvas id="timelineChart"></canvas>
                        </div>
                        <table>
                            <thead>
                                <tr>
                                    <th>Date</th>
                                    <th>Hit count</th>
                                    <th>Period-over-period growth rate</th>
                                    <th>Related key event</th>
                                </tr>
                            </thead>
                            <tbody>
                                <tr>
                                    <td>2025-05-10</td>
                                    <td>44</td>
                                    <td>-</td>
                                    <td>-</td>
                                </tr>
                                <tr>
                                    <td>2025-05-11</td>
                                    <td>64</td>
                                    <td>45.45%</td>
                                    <td>-</td>
                                </tr>
                                <tr>
                                    <td>2025-05-12</td>
                                    <td>70</td>
                                    <td>9.38%</td>
                                    <td>-</td>
                                </tr>
                                <tr>
                                    <td>2025-05-13</td>
                                    <td>605</td>
                                    <td class="danger">764.29%</td>
                                    <td>Attack tool proliferation</td>
                                </tr>
                                <tr>
                                    <td>2025-05-14</td>
                                    <td>1086</td>
                                    <td class="danger">79.43%</td>
                                    <td>Concentrated attack on k8s-master1</td>
                                </tr>
                                <tr>
                                    <td>2025-05-15</td>
                                    <td>2621</td>
                                    <td class="danger">141.35%</td>
                                    <td>Persistent attack activity</td>
                                </tr>
                                <tr>
                                    <td>2025-05-16</td>
                                    <td>4294</td>
                                    <td class="danger">63.83%</td>
                                    <td>Protection policy failure</td>
                                </tr>
                            </tbody>
                        </table>
                        <div class="analysis">
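                            <div class="analysis-title">Analysis approach:</div>
                            <ul>
                                <li><strong>Attack intensity inflection point</strong>: The 79.43% growth rate from 2025-05-13 to 2025-05-14 is directly related to the privilege escalation attacks on k8s-master1 (5 hits per 5 minutes), indicating that the attacker has broken through the initial defenses.
                                </li>
                                <li><strong>Defense strategy assessment</strong>: The 63.83% growth rate from 2025-05-15 to 2025-05-16 is lower than the 141.35% from 2025-05-14 to 2025-05-15, which may reflect that some protective measures are taking effect, but this needs further verification.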
                                </li>
                            </ul>
                        </div>
                    </div>
                </div>
            </div>
        </div>
    </div>

    <script>
        // Attack type chart
        const attackTypeCtx = document.getElementById('attackTypeChart').getContext('2d');
        const attackTypeChart = new Chart(attackTypeCtx, {
            type: 'bar',
            data: {
                labels: ['Privilege escalation (T1548)', 'Linux scheduled task', 'Suspicious script execution', 'Persistence attack', 'Firewall configuration collection'],
                datasets: [{
                    label: 'Attack hit count',
                    data: [1714, 256, 164, 129, 111],
                    backgroundColor: [
                        'rgba(255, 99, 132, 0.7)',
                        'rgba(54, 162, 235, 0.7)',
                        'rgba(255, 206, 86, 0.7)',
                        'rgba(75, 192, 192, 0.7)',
                        'rgba(153, 102, 255, 0.7)'
                    ],
                    borderColor: [
                        'rgba(255, 99, 132, 1)',
                        'rgba(54, 162, 235, 1)',
                        'rgba(255, 206, 86, 1)',
                        'rgba(75, 192, 192, 1)',
                        'rgba(153, 102, 255, 1)'
                    ],
                    borderWidth: 1
                }]
            },
            options: {
                responsive: true,
                maintainAspectRatio: false,
                plugins: {
                    legend: {
                        position: 'top',
                        labels: {
                            color: '#E9EAEC'
                        }
                    },
                    tooltip: {
                        mode: 'index',
                        intersect: false
                    }
                },
                scales: {
                    y: {
                        beginAtZero: true,
                        ticks: {
                            color: '#8EB8E5'
                        },
                        grid: {
                            color: 'rgba(27, 100, 170, 0.3)'
                        }
                    },
                    x: {
                        ticks: {
                            color: '#8EB8E5'
                        },
                        grid: {
                            color: 'rgba(27, 100, 170, 0.3)'
                        }
                    }
                }
            }
        });

        // Risk level chart
        const riskLevelCtx = document.getElementById('riskLevelChart').getContext('2d');
        const riskLevelChart = new Chart(riskLevelCtx, {
            type: 'doughnut',
            data: {
                labels: ['High threat', 'Medium threat', 'Low threat'],
                datasets: [{
                    data: [1582, 398, 35],
                    backgroundColor: [
                        'rgba(255, 99, 132, 0.7)',
                        'rgba(255, 206, 86, 0.7)',
                        'rgba(75, 192, 192, 0.7)'
                    ],
                    borderColor: [
                        'rgba(255, 99, 132, 1)',
                        'rgba(255, 206, 86, 1)',
                        'rgba(75, 192, 192, 1)'
                    ],
                    borderWidth: 1
                }]
            },
            options: {
                responsive: true,
                maintainAspectRatio: false,
                plugins: {
                    legend: {
                        position: 'right',
                        labels: {
                            color: '#E9EAEC'
                        }
                    },
                    tooltip: {
                        callbacks: {
                            label: function (context) {
                                const label = context.label || '';
                                const value = context.raw || 0;
                                const total = context.dataset.data.reduce((a, b) => a + b, 0);
                                const percentage = Math.round((value / total) * 100);
                                return `${label}: ${value} (${percentage}%)`;
                            }
                        }
                    }
                }
            }
        });

        // Risk growth chart
        const riskGrowthCtx = document.getElementById('riskGrowthChart').getContext('2d');
        const riskGrowthChart = new Chart(riskGrowthCtx, {
            type: 'line',
            data: {
                labels: ['2025-05-14', '2025-05-15', '2025-05-16', '2025-05-17', '2025-05-18', '2025-05-19'],
                datasets: [{
                    label: 'Risk hit count',
                    data: [2432, 2621, 4294, 7033, 11542, 18890],
                    borderColor: 'rgba(255, 99, 132, 1)',
                    backgroundColor: 'rgba(255, 99, 132, 0.1)',
                    borderWidth: 2,
                    tension: 0.1,
                    fill: true
                }]
            },
            options: {
                responsive: true,
                maintainAspectRatio: false,
                plugins: {
                    legend: {
                        labels: {
                            color: '#E9EAEC'
                        }
                    },
                    tooltip: {
                        mode: 'index',
                        intersect: false
                    }
                },
                scales: {
                    y: {
                        beginAtZero: false,
                        ticks: {
                            color: '#8EB8E5'
                        },
                        grid: {
                            color: 'rgba(27, 100, 170, 0.3)'
                        }
                    },
                    x: {
                        ticks: {
                            color: '#8EB8E5'
                        },
                        grid: {
                            color: 'rgba(27, 100, 170, 0.3)'
                        }
                    }
                }
            }
        });

        // Timeline chart
        const timelineCtx = document.getElementById('timelineChart').getContext('2d');
        const timelineChart = new Chart(timelineCtx, {
            type: 'line',
            data: {
                labels: ['2025-05-10', '2025-05-11', '2025-05-12', '2025-05-13', '2025-05-14', '2025-05-15', '2025-05-16'],
                datasets: [{
                    label: 'Hit count',
                    data: [44, 64, 70, 605, 1086, 2621, 4294],
                    borderColor: 'rgba(54, 162, 235, 1)',
                    backgroundColor: 'rgba(54, 162, 235, 0.1)',
                    borderWidth: 2,
                    tension: 0.1,
                    fill: true
                }]
            },
            options: {
                responsive: true,
                maintainAspectRatio: false,
                plugins: {
                    legend: {
                        labels: {
                            color: '#E9EAEC'
                        }
                    },
                    tooltip: {
                        mode: 'index',
                        intersect: false
                    }
                },
                scales: {
                    y: {
                        beginAtZero: true,
                        ticks: {
                            color: '#8EB8E5'
                        },
                        grid: {
                            color: 'rgba(27, 100, 170, 0.3)'
                        }
                    },
                    x: {
                        ticks: {
                            color: '#8EB8E5'
                        },
                        grid: {
                            color: 'rgba(27, 100, 170, 0.3)'
                        }
                    }
                }
            }
        });
    </script>
</body>

</html>